CCC and FSFE: German Federal Network Agency must improve

on: 2014-03-28

After multiple public hearings and political debates, the German Federal Network Agency (BNetzA) presented a set
of proposed regulations (German)
that would eliminate compulsory use of particular routers and improve the transparency of telecommunication
firms for customers. Compulsory routers tie customers to a device provided by the ISP. The Free Software Foundation
Europe (FSFE), Chaos Computer Club (CCC), and the project leadership of
IPFire and OpenWrt, as well as other experts,
reviewed these regulations and gave comments to
the BNetzA (German)

The ideas of the BNetzA, responsible for maintaining and promoting competition in the network marketplace, are welcome
in principle. The ISP will need to collect fundamental information such as technical functions on a product datasheet,
and end users can request the login credentials for the device. This should eliminate the compulsory use of particular
routers.

It is not clear, however, why the BNetzA wants to leave the burden of requesting the access data on the user, instead of
recording this on the proposed data sheet. Even the grand coalition (a coalition between the political parties CDU/CSU and SPD)
has clearly demanded otherwise in its coalition agreement. Then, the end
users would be in possession of the login credentials necesary to use an alternative router without explicitly asking.

"If the burden to request this information is on the user, the BNetzA hardly has the ability to check the ISP's responsiveness
in providing it. Then delays could continue, supported by unrepresentative individual cases. The users would have even more
complications that before", says Matthias Kirschner, vice-president of the FSFE. "To that end, the login credentials for all
available services must be known to the customer, unrequested, from the beginning of the contract, as even the government coalition
demanded."

Thus, unambiguous phrases must be added so that ISPs cannot find any loopholes. For example, the protocols used by the device
must also be known for full interchangeability.

"Without requiring the ISP to provide the login credentials and to be transparent about services and protocols,
ISP routers would still be de facto compulsory. Murky phrases and the requirement of requesting the information would reduce
the customers to suppliants," says Frank Rieger, spokesperson for the CCC.

Even the definition of a network termination point is not well-defined, in spite of a hearing called for that purpose,
at which the FSFE made a statement.

Additionally in the testing process, which ISPs have to offer in the future, there is need for improvement. According to the BNetzA's plans, the mechanism and details of the testing only need to be shared with the authorities, and not with individual
customers. This artificially limits the intended transparency and prevents the process from being evaluated by users and
independent specialists.

The regulations can only fulfill their purpose if the BNetzA improves the evaluation method for compulsory routers and
transparency. Only then the demands of the coalition agreement will be met. Anything else would only open more
loopholes, through which customers could be further coerced and discriminated against.